--- gvpe/src/global.h 2013/07/17 04:36:03 1.28
+++ gvpe/src/global.h 2013/09/20 11:57:03 1.33
@@ -67,13 +67,16 @@
 #define PROTOCOL_MAJOR 1
 #define PROTOCOL_MINOR 0
+#define SERIAL_SIZE 16
+
 #define SEED_SIZE 64 // how many octets to seed rng with
+#define RSA_OAEP_SIZE 41
+
 #define HKDF_XTR_HASH EVP_sha512
 #define HKDF_PRF_HASH EVP_sha256
-#define HKDF_SALT 32
-#define IKM_SIZE 32
+#define HKDF_SALT 24 // how many bytes for the hkdf salt
 #define RSA_KEYLEN (RSABITS >> 3)
@@ -83,9 +86,11 @@
 #define CIPHER ENABLE_CIPHER
 #define CIPHER_KEYSIZE (KEY_SIZE (CIPHER))
+#define CIPHER_IKMSIZE (CIPHER_KEYSIZE * 3 / 2) // randomness in rsa challenge
-#define MAC_DIGEST ENABLE_DIGEST
-#define MAC_KEYSIZE HASH_SIZE (ENABLE_DIGEST) // number of bits used for the HMAC key
+#define MAC_DIGEST ENABLE_HMAC
+#define MAC_KEYSIZE HASH_SIZE (ENABLE_HMAC) // number of bits used for the HMAC key
+#define MAC_IKMSIZE (MAC_KEYSIZE * 3 / 2) // randomness in rsa challenge
 #define WINDOWSIZE 512 // sliding window size
 #define MAX_SEQNO (0xfffffff0U - WINDOWSIZE * 8)
@@ -99,7 +104,7 @@
 #define TCP_OVERHEAD (IP_OVERHEAD + 22) // size of a (normal) ip + tcp header + packetlength
 #define MAX_OVERHEAD UDP_OVERHEAD // the max. overhead of any protocol (ok, tcp doesn't count)
 #define ETH_OVERHEAD 14 // the size of an ethernet header
-#define MAXSIZE (MAX_MTU + VPE_OVERHEAD) // slightly too large, but who cares
+#define MAXSIZE (MAX_MTU + IP_OVERHEAD) // slightly too large, but who cares
 #define PKTCACHESIZE 16 // the size of the memory pool for packets
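Review bot: `RSA_OAEP_SIZE 41` in the first hunk is added without a comment, unlike `SEED_SIZE` and the new `HKDF_SALT` beside it, and the value is easy to misuse. EME-OAEP with SHA-1 adds 2*20+2 = 42 octets of overhead, so 41 is only correct where the consumer applies a strict less-than bound on the payload. The code that uses the constant is outside this hunk, so I cannot tell which convention it follows. I would document it on the line itself, e.g. `#define RSA_OAEP_SIZE 41 // oaep bound: payload must be < RSA_KEYLEN - RSA_OAEP_SIZE`, or change the value to 42 if it is meant as the overhead.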
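Review bot: In the second hunk `MAC_KEYSIZE` is still the bare expansion `HASH_SIZE (ENABLE_HMAC)`, yet the new `MAC_IKMSIZE` uses it in arithmetic (`MAC_KEYSIZE * 3 / 2`). The result is therefore only right if `HASH_SIZE`, which is defined outside this hunk, expands to a fully parenthesized expression. `CIPHER_KEYSIZE` already wraps its expansion, so for consistency I would write `#define MAC_KEYSIZE (HASH_SIZE (ENABLE_HMAC))`. The trailing comment also says "number of bits", while both `*_IKMSIZE` lines give no unit at all. Stating the unit (presumably octets) would let a reader check that the challenge material fits the RSA payload.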
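Review bot: In the third hunk the comment `slightly too large, but who cares` was written for `MAX_MTU + VPE_OVERHEAD` and is carried over unchanged onto `MAX_MTU + IP_OVERHEAD`, so it no longer explains why the bound is sufficient. `IP_OVERHEAD` and `VPE_OVERHEAD` are both defined outside this hunk, so the direction of the size change cannot be checked from here. If `MAXSIZE` sizes packet buffers, as its name and the neighbouring `PKTCACHESIZE` suggest, the new value needs to cover the largest packet any transport can hand to the receive path. I would replace the comment with a statement of that requirement, e.g. `// upper bound for any packet buffer: MAX_MTU payload plus the largest per-packet header`, and confirm the figure against the packet structures.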